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DETAILED ACTION 
Claim Rejections - 35 USC§102 

1. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

2. Claims 1-49 are rejected under 35 U.S.C. 102(e) as being unpatentable by Stolfo et al 
(US 2004/0002903). 

As per claims 1,24,32,40 Stolfo disclosed a method for allowing proxies in an Identity System, 
comprising the steps of receiving a request for a first entity to be a proxy for a second entity 
(Page. 4, Paragraph. 0042-0043); associating said first entity with one or more credentials of said 
second entity without authenticating said first entity as said second entity; and allowing said first 
entity to use said Identity System as said second entity based on said one or more credentials of 
said second entity (Page. 4, Paragraph. 0047). 

3. As per claim 2 Stolfo disclosed wherein said step of receiving a request includes the steps 
of: providing a notification to said first entity of an ability to be said proxy for second entity; and 
receiving a request from said first entity to be said proxy for said second entity (Page. 5, 
Paragraph. 0051). 
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4. As per claim 3 Stolfo disclosed wherein: 
Paragraph. 0196). 
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said notification includes an email (Page. 1 7, 



5. As per claim 4 Stolfo disclosed wherein: said notification includes a display page for said 
Identity System (Page. 18, Paragraph. 0210). 

6. As per claim 5 Stolfo disclosed wherein said step of receiving a request includes the step 
of receiving an indication from said second entity that said first entity can be said proxy for a 
second entity (Page. 15, Paragraph. 0180). 

7. As per claim 6 Stolfo disclosed wherein said step of receiving a request includes the steps 
of providing a list of potential proxy candidates; providing a search mechanism to add more 
candidates to said list of potential proxy candidates (Page. 7, Paragraph. 0071); and receiving a 
selection of one or more of said potential proxy candidates, including a selection of said first 
entity (Page. 18, Paragraph. 0204). 

8. As per claim 7 Stolfo disclosed wherein: said credentials includes a distinguished name 
for said second entity (Page. 8, Paragraph. 0084). 

9. As per claims 8,25,33 Stolfo disclosed wherein: said credentials includes identity profile 
attributes for said second entity (Page. 1, Paragraph. 0004). 
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10. As per claims 9,26,34,46 Stolfo disclosed wherein: said step of associating includes 
storing an identification of said second entity in a data element used to identify said first entity 
(Page. 4, paragraph 0042). 

11. As per claims 10,41 Stolfo disclosed wherein: said step of associating includes storing an 
identification of said second entity in a cookie for said first entity (Page. 18, Paragraph. 0207). 

12. As per claim 1 1 Stolfo disclosed wherein: said step of associating includes using an 
identification of said second entity to identify said first entity (Page. 10, paragraph. 0096). 

13. As per claims 12,27 Stolfo disclosed wherein said step of associating includes the steps 
of accessing an Identity System cookie for said first entity, said Identity System cookie stores an 
identification of said first entity (Page. 18, paragraph. 0207); storing said identification of said 
first entity from said step of accessing in a second cookie; and storing an identification of said 
second entity in said an Identity System cookie for said first entity (Page. 5, paragraph. 0051). 

14. As per claims 13,42,47 Stolfo disclosed further comprising the steps of receiving a 
request to terminate said first entity being a proxy for said second entity; accessing said 
identification of said first entity in said second cookie; and storing said identification of said first 
entity in said Identity System cookie for said first entity (Page. 18, Paragraph. 0207). 
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15. As per claim 14 Stolfo disclosed further comprising the steps of receiving a request from 
said first entity to access said Identity System; determining whether said Identity System cookie 
for said first entity exists; providing access to said Identity System for said (Page. 18, Paragraph. 
0207). First entity if said Identity System cookie for said first entity exists; and authenticating 
said first entity and creating said Identity System cookie if said Identity System cookie for said 
first entity does not exist prior to said step of determining, said step of creating includes adding 
said identification of said first entity to said Identity System cookie (Page. 19, Paragraph. 213). 

16. As per claims 15,28,36,43,48 Stolfo disclosed wherein said step of allowing includes the 
steps of receiving a request from said first entity to access a service in said Identity System; 
accessing said identification of said second entity in said Identity System cookie (Page. 18, 
Paragraph. 0207); accessing attributes for said second entity based on said identification of said 
second entity in said Identity System cookie; and providing access to said service in said Identity 
System based on said attributes for said second entity (Page. 18, Paragraph. 0209). 

17. As per claims 16,29,37,44,49 Stolfo disclosed wherein: said steps of receiving, 
associating and allowing are performed without said first entity providing a password for said 
second entity (Page. 12, Paragraph. 0125). 

18. As per claim 17 Stolfo disclosed wherein: said step of associating verifies that said 
second entity is a delegated administrator having a right to be proxied (Page. 10, Paragraph. 
0101). 
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19. As per claim 18 Stolfo disclosed further comprising the step of: delegating a right to be 
proxied to said second entity, said step of associating verifies that said second entity has said 
right to be proxied (Page. 10, Paragraphed. 0101). 

20. As per claim 19 Stolfo disclosed wherein: said Identity System is part of an integrated 
Identity System and Access System (Page. 5, Paragraph. 0051). 

21 . As per claim 20 Stolfo disclosed wherein: said Identity System is part of an integrated 
Identity System and Access System; and said an integrated Identity System and Access System 
uses said credentials of said second entity to authorize said second entity to access resources 
(Page. 5, Paragraph. 0051). 

22. As per claim 21 Stolfo disclosed wherein: said step of allowing does not include using 
said credentials of said second entity to authorize said first entity to access resources (Page. 7, 
Paragraph. 0070). 

23. As per claims 22,30,38 Stolfo disclosed wherein: said Identity System is part of an 
integrated Identity System and Access System; and said steps of associating and allowing 
provide for said first entity to be said proxy for said second entity in said Identity System but 
does not provide for said first entity to be said proxy for said second entity in said Access System 
(Page. 18, Paragraph. 0209). 
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24. As per claims 23,3 1,39 Stolfo disclosed wherein: said Identity System is part of an 
integrated Identity System and Access System; said step of associating includes the steps of 
accessing an Identity System cookie for said first entity, said Identity System cookie stores an 
identification of said first entity, and storing an identification of said second entity in said an 
Identity System cookie for said first entity (Page. 18, Paragraph. 0209); said Access System uses 
a Access System cookie for said first entity, said Identity System cookie is separate from said 
Access System cookie; and said Access System cookie for said first entity does not store an 
indication of said second entity (Page. 11, Paragraph. 0114). 

25. As per claim 35 Stolfo disclosed wherein: said step of associating include, the steps of: 
accessing an Identity System cookie for said first entity, said Identity System cookie stores an 
identification of said first entity, storing said identification of said first entity from said step of 
accessing in a second cookie (Page. 18, Paragraph. 0207), and storing an identification of said 
second entity in said an Identity System cookie for said first entity; and said method further 
comprises the steps of: receiving a request to terminate said first entity being a proxy for said 
second entity; accessing said identification of said first entity in said second cookie, and storing 
said identification of said first entity in said Identity System cookie for said first entity (Page. 18, 
Paragraph. 209). 

26. As per claim 45 Stolfo disclosed One or more processor readable storage devices having 
processor readable code embodied on said processor readable storage devices, said processor 
readable code for programming one: or more processors to perform a method comprising the 
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steps of: receiving an indication that a first entity can be a proxy for a second entity, said 
indication is from said second entity; receiving an indication from said first entity to become said 
proxy for said second entity (Page. 5, Paragraph. 0056); associating said first entity with one or 
more credentials of said second entity without authenticating said first entity as said second 
entity; and allowing said first entity to use said system as said second entity based on said one or 
more credentials of said second entity (Page. 13, Paragraph. 0141). 



Conclusion 

27. Any inquiry concerning this communication or earlier communication from the examiner 
should be directed to Adnan Mirza whose telephone number is (571)-272-3885. 

28. The examiner can normally be reached on Monday to Friday during normal business 
hours. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Valencia Martin Wallace can be reached on (571)-272-6159. The fax for this group is 
(703)-746-7239. 
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29. The fax phone numbers for the organization where this application or proceeding is 
assigned are as follows: 

(703)-746-7239 (For Status Inquiries, Informal or Draft Communications, please label 
"PROPOSED" or "DRAFT"); 

(703)-746-7239 (For Official Communications Intended for entry, please mark "EXPEDITED 
PROCEDURE"), 

(703)-746-7238 (For After Final Communications). 

30. Any Inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is (703)-305-3900. 

Any response to a final action should be mailed to: 



Commissioner of Patents and Trademarks Washington, D.C.20231 
Or faxed to: 

Hand-delivered responses should be brought to 4 th Floor Receptionist, Crystal Park II, 
2021 Crystal Drive, Arlington, VA 22202. 
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